Legal claims defining the scope of protection, as filed with the USPTO.
1. A method for modifying inter-process communications (IPC) in a mobile computing environment, the method comprising: determining a first computer memory location of an IPC function within an instance of a virtual machine, the IPC function configured to receive IPC calls from an application running on the instance of the virtual machine; configuring the instance of the virtual machine to redirect, from the IPC function, each IPC call from the application to an interception function located at a second computer memory location within the instance of the virtual machine; responsive to the interception function receiving an IPC call from the application, identifying, in a post-interception database, a set of post-interception actions corresponding to the IPC call; selecting a post-interception action from the set of post-interception actions, the post-intercept action including: invoking a method used to record policies for a set of binder interfaces; inferring transaction information including an interface operated in a transaction corresponding to the transaction parameters by inspecting a set of binder transaction parameters; and passing the transaction information to the interception function to apply the pre-defined policy; modifying, according to the post-interception action, transaction parameters to generate a modified IPC call compliant to a pre-defined policy; sending, by the interception function, the modified IPC call to the IPC function; receiving, by the interception function, a response from the IPC function; and forwarding, by the interception function, the response to the application.
2. A computer program product for intercepting inter-process communications (IPC), the computer program product comprising: one or more non-transitory computer readable storage media and program instructions stored on the one or more non-transitory computer readable storage media, the program instructions comprising: program instructions to determine a first computer memory location of an IPC function within an instance of a virtual machine, the IPC function configured to receive IPC calls from an application running on the instance of the virtual machine; program instructions to configure the instance of the virtual machine to redirect, from the IPC function, each IPC call from the application to an interception function located at a second computer memory location within the instance of the virtual machine; program instructions to, responsive to the interception function receiving an IPC call from the application, identify, in a post-interception database, a set of post-interception actions corresponding to the IPC call; program instructions to select a post-interception action from the set of post-interception actions, the post-intercept action including: invoking a method used to record policies for a set of binder interfaces; inferring transaction information including an interface operated in a transaction corresponding to the transaction parameters by inspecting a set of binder transaction parameters; and passing the transaction information to the interception function to apply the pre-defined policy; program instructions to modify, according to the post-interception action, transaction parameters to generate a modified IPC call compliant to a pre-defined policy; program instructions to send, by the interception function, the modified IPC call to the IPC function; program instructions to receive, by the interception function, a response from the IPC function; and program instructions to forward, by the interception function, the response to the application.
3. A system for intercepting inter-process communications (IPC), the system comprising: one or more computer hardware processors, one or more non-transitory computer readable storage media, and program instructions stored on the computer readable storage media for execution by at least one of the one or more processors, the program instructions comprising: program instructions to determine a first computer memory location of an IPC function within an instance of a virtual machine, the IPC function configured to receive IPC calls from an application running on the instance of the virtual machine; program instructions to configure the instance of the virtual machine to redirect, from the IPC function, each IPC call from the application to an interception function located at a second computer memory location within the instance of the virtual machine; program instructions to, responsive to the interception function receiving an IPC call from the application, identify, in a post-interception database, a set of post-interception actions corresponding to the IPC call; program instructions to select a post-interception action from the set of post-interception actions, the post-intercept action including: invoking a method used to record policies for a set of binder interfaces; inferring transaction information including an interface operated in a transaction corresponding to the transaction parameters by inspecting a set of binder transaction parameters; and passing the transaction information to the interception function to apply the pre-defined policy; program instructions to modify, according to the post-interception action, transaction parameters to generate a modified IPC call compliant to a pre-defined policy; program instructions to send, by the interception function, the modified IPC call to the IPC function; program instructions to receive, by the interception function, a response from the IPC function; and program instructions to forward, by the interception function, the response to the application.
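A simplified model of the flow recited in claim 1, added here as an illustration and not taken from the patent or its applicant: an interception function replaces the IPC entry point, infers the interface from the transaction parameters, looks up a recorded action, rewrites the parameters to match policy, forwards the call and returns the response. The `Transaction` fields, the `com.example.*` interface names, the dict standing in for the virtual machine's function table and the first-match selection rule are all assumptions.

```python
from dataclasses import dataclass, replace
from typing import Callable, Dict, List, Tuple

@dataclass(frozen=True)
class Transaction:
    """Simplified stand-in for binder transaction parameters (assumed shape)."""
    descriptor: str   # interface token carried with the request
    code: int         # method number within that interface
    args: dict        # unmarshalled arguments

Action = Callable[[Transaction], Transaction]

def real_ipc(txn: Transaction) -> dict:
    """Stand-in for the original IPC function; echoes what it received."""
    return {"handled_by": txn.descriptor, "code": txn.code, "args": txn.args}

class Interceptor:
    def __init__(self, ipc_function: Callable[[Transaction], dict]):
        self._ipc = ipc_function                              # original target
        self._db: Dict[Tuple[str, int], List[Action]] = {}    # post-interception database

    def record_policy(self, descriptor: str, code: int, action: Action) -> None:
        self._db.setdefault((descriptor, code), []).append(action)

    def infer(self, txn: Transaction) -> Tuple[str, int]:
        # Transaction information is derived only from the parameters themselves.
        return (txn.descriptor, txn.code)

    def __call__(self, txn: Transaction) -> dict:
        actions = self._db.get(self.infer(txn), [])
        if actions:
            txn = actions[0](txn)      # assumed selection rule: first recorded action
        response = self._ipc(txn)      # send the (possibly modified) call onward
        return response                # forward the response to the caller

def coarse_location(txn: Transaction) -> Transaction:
    """Constructed policy: downgrade a location request to coarse precision."""
    return replace(txn, args={**txn.args, "precision": "coarse"})

def demo():
    vm = {"transact": real_ipc}               # function table before redirection
    hook = Interceptor(vm["transact"])
    hook.record_policy("com.example.ILocation", 1, coarse_location)
    vm["transact"] = hook                     # every call now reaches the interceptor
    governed = vm["transact"](Transaction("com.example.ILocation", 1, {"precision": "fine"}))
    untouched = vm["transact"](Transaction("com.example.IClock", 1, {"tz": "UTC"}))
    return governed, untouched

if __name__ == "__main__":
    print(demo())
```

A call with no recorded action passes through unchanged in this model; the claims do not state what happens in that case.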
March 6, 2018